How can I add a second device to a Google account to generate the one time password with?
I have added my iPhone (with the Google Authenticator app) during the 2-step verification setup wizard but I also want to add my iPad.
I can't see any options to add another device in my Google account 2-step verification section nor could I find any hints by searching the Google account help.

3 Answers
3

You can have multiple devices generate the same one time passwords by scanning the same QR code into both devices during the setup wizard.
If you have already left the setup page you will have to generate a new QR code aka shared secret (Google won't display it again for security reasons).

Update: Make sure that the clocks of both devices are perfectly synced or one or possibly both devices will generate the wrong code.

If you click "Can't scan the QR code?" during device setup, the secret key is displayed.

You can then store that secret key VERY securely (think: printed in a safe, GPG encrypted with a strong key, or whatever) and add it to new devices without having to get all devices together and re-key them all at once.

If your secret key is exposed you lose all benefits of 2factor auth, so do not do this unless you have an extremely secure way of storing the secret. Mine's stored, but it's GPG encrypted on an SD card I keep locked up for disaster recovery. It's not going anywhere.

You still have to go through and re-configure once, to add your 2nd device and record the key securely, but after that you can add more devices with only the key.

Personally I don't recommend this; you're better off generating emergency recovery 2factor codes using the accounts UI and using them if you lose your device, rather than adding a 2nd device and adding to your attack surface. I've only done it because for various non-technical reasons I cannot keep the same device with me everywhere, and one of them is reset regularly.

I was having the same issue until I installed Clocksync (Must have rooted phone if on android) and synced both phones to atomic time prior to verification process. I scanned the QR code into both devices which in turn generated the same keys on both devices. 1 of the devices is connected to a phone provider that updates the time automatically which is about 40 seconds off from atomic time. Anytime using Google Authenticator with the device not synced with atomic time, the generated codes will not work. I must sync the device with atomic time again in order for the correct codes to be generated. Hope this has helped someone!